top of page
Writer's pictureChristopher Lee

Drag-and-Drop Network File to Desktop Security Warning

I was recently working with a client that was encountering an issue with Windows file security warnings when copying files from a network drive to their local computers. This actually appears to be a very common issue as I've seen many other posts with troubleshooting steps, but many of these threads ended with no resolution.


What was a little unique in my client's case was that they were a pure Azure operating environment. All their employees used Azure Virtual Desktops and all their operations lived in Azure, including using Azure File Shares for network storage.


The Issue

For a little more background, the issue occurred when employees tried to copy files from a network drive to their local desktop. In this case, the network drive was mapped to an Azure File Share.


When trying to drag-and-drop a file from the network drive to the desktop, the following security warning was received. This "these files might be harmful to your computer" warning is more of an inconvenience than an issue as employees could simply click the OK button and the file would copy but given copying files this way was the default behavior for everyone, it was an experience we did not want them to have.


These files might be harmful to your computer

The other interesting part here was that if we right-clicked and selected Copy and then Paste on the local desktop, the file copy occurred without any security warnings. Group Policy had been configured to set Internet Settings to include the FQDN of the Azure File Share in the Trusted Sites Zone, but the security warning continued to persist.




The Solution

To fully make the security warning pop-up disappear required a little more investigation. What the policy was not setting was a registry for the current user that controls the pop-up experiences for Internet Settings. Looking at the registry on the local system, there are two specific keys that I expected to see that did not exist, so I had to create them.


Specifically, this was the 180D key with a DWORD value of 0 in the following two locations:


HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3


Zone 1 refers to the Local Intranet Zone and Zone 3 refers to the Internet Zone. After creating these two keys and setting their values to 0 (as well as logging off and logging back on), I was successfully able to drag-and-drop a file from the network drive to the local system without any security warnings.


Now why does this work? Unfortunately, I do not have a great answer for that, but I can confirm this is a known solution by Microsoft based on their internal, non-public documentation. Some clues can be found in the Microsoft Doc Internet Explorer security zones registry entries for advanced users. This document identifies Internet Settings Zone settings based on registry key values. Noted in the article is key 180D, but the description simply says Reserved #. That doesn't tell us a whole lot, but this does identify it as a key that should be expected.


An important note in this article provides another clue. This note indicates that the value of 0 sets a specific action as permitted whereas other values result in a prompt or the action to be blocked. In our case, we created the key with a value of 0 to enable the action, which we can assume is the copying of files between zones.


21 views0 comments

Recent Posts

See All

Comments


bottom of page